Microsoft Cloud Hack Exposed More Than Exchange, Outlook Emails

Researchers at cloud security startup Wiz have an urgent warning for organizations running Microsoft’s M365 platform: That stolen Microsoft security key gave Chinese hackers access to data beyond Exchange Online and Outlook.com. Tamari said the hackers may have also accessed Microsoft customer applications that support the “login with Microsoft” functionality, and multi-tenant applications in certain conditions.

“Our researchers concluded that the compromised MSA key could have allowed the threat actor to forge access tokens for multiple types of Azure Active Directory applications, including every application that supports personal account authentication, such as SharePoint, Teams, OneDrive,” Wiz researcher Shir Tamari said in a document posted online.

Microsoft Cloud Hack Exposed More Than Exchange, Outlook Emails

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Microsoft Cloud Hack Exposed More Than Exchange, Outlook Emails

21-Jul-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address